National Telehealth Takedown Highlights Opportunity for Providers to Enhance Compliance Efforts

Posted In Telehealth

The US Department of Justice and the US Department of Health and Human Services Office of Inspector General recently announced a significant healthcare fraud takedown involving $4.5 billion in allegedly false and fraudulent claims involving telehealth. The allegations involved telehealth executives paying healthcare providers to order unnecessary items and services, as well as payments from durable medical equipment companies, laboratories and pharmacies for those orders. While the alleged conduct is not representative of the legitimate and crucial telehealth services offered by the vast majority of healthcare providers, the government’s continued focus on telehealth arrangements, combined with the ongoing expansion of coverage for telehealth services, provides an important opportunity for healthcare providers to evaluate their telehealth service offerings and arrangements and to further enhance their related compliance activities.

In Depth

On September 30, 2020, the US Department of Justice (DOJ) issued a press release describing the largest national healthcare fraud and opioid enforcement action in the DOJ’s history (the Takedown). The Takedown involved coordination with the US Department of Health and Human Services Office of Inspector General (OIG) and other federal and state law enforcement agencies, and resulted in cases against more than 345 defendants in 51 judicial districts. The government charged the defendants with participating in healthcare fraud schemes involving more than $6 billion in alleged losses to federal health care programs, with the vast majority of alleged losses ($4.5 billion) stemming from arrangements involving alleged “telefraud.”

According to the DOJ press release, a recently announced National Rapid Response Strike Force led the initiative focused on telehealth. The National Rapid Response Strike Force is part of the Health Care Fraud Unit of DOJ’s Criminal Division Fraud section, and its mission is to “investigate and prosecute fraud cases involving major health care providers that operate in multiple jurisdictions, including major regional health care providers operating in the Criminal-Division-led Health Care Fraud Strike Forces throughout the United States.”


In recent years, the government has increasingly focused on alleged healthcare fraud schemes involving telehealth services. In connection with the Takedown, OIG issued a fact sheet and graphic highlighting the increase in “telefraud” arrangements leveraging “aggressive marketing and so-called telehealth services.” The individuals charged in the Takedown included telehealth company executives, medical providers, marketers and business owners who allegedly used telemarketing calls, direct mail, and television and internet advertisements to collect information from unsuspecting patients.

Many of the cases involved telehealth executives who allegedly paid healthcare providers to order unnecessary durable medical equipment (DME), genetic and other diagnostic testing, and medications, either without any patient interaction or with only a brief phone call. The government alleged that the arrangements involved kickbacks to telehealth executives after the DME company, laboratory or pharmacy billed Medicare or Medicaid for items and services that the government asserts were often not provided to beneficiaries or were “worthless to patients . . . and delayed their chance to seek appropriate treatment for medical complaints.”

DOJ provided a summary of the cases prosecuted, which included a wide variety of alleged fraudulent schemes involving telehealth, including the following:

  • A marketing company that recruited Medicare beneficiaries to obtain medically unnecessary genetic testing ordered by telehealth physicians who received illegal kickbacks and bribes from telehealth companies.
  • An owner and operator of a telehealth company who paid kickbacks and bribes to call centers and healthcare professionals in exchange for referrals and orders for medically unnecessary genetic cancer screening tests for Medicare beneficiaries.
  • A laboratory owner who conspired to pay kickbacks for genetic testing orders and specimens to run medically unnecessary diagnostic testing.
  • Laboratory owners who were charged with paying kickbacks to a network of marketers to procure DNA samples for genetic testing that they knew to be medically unnecessary and not reimbursable by the patients’ health care benefit programs. Beneficiaries were solicited through methods such as telemarketing, door-to-door sales and appearances at senior health fairs, and the tests were approved by a range of medical professionals, including doctors operating on telehealth platforms, who had not previously treated the patients and had little or no contact with the patients in connection with prescribing the testing.

Practical Implications

The Takedown is an example of the government’s continued and growing focus on telehealth services arrangements. Although the alleged fraudulent practices are not representative of the broader community of telehealth providers that deliver necessary care to patients in a convenient and efficient way, the government’s actions offer insights that can help legitimate telehealth providers further enhance their ongoing compliance practices. As telehealth becomes an increasingly common method for delivering healthcare, current telehealth providers and those organizations considering expanding into telehealth services, as well as individual healthcare providers who may provide telehealth services through another company, should consider the following issues when reviewing their existing telehealth programs or before establishing a new telehealth service line or entering into arrangements with third parties to provide telehealth services.

Patient-Provider Relationship. Two common features of many of the Takedown cases, according to DOJ, were the lack of meaningful interaction between provider and patient and the ordering of medically unnecessary products or services. These cases often involved alleged inappropriate patient marketing activities where a potential patient received a “cold call” followed by a telephonic examination if the potential patient expressed a willingness to speak to a provider. The requirements for establishing a sufficient patient-provider relationship for diagnosis, treatment, and the ordering of medical equipment and laboratory testing are determined primarily by state laws and regulations. These laws and regulations may be unclear on the types of technology modalities required to conduct a patient examination that supports the issuance of a prescription or order. In addition to complying with state law requirements, a valid patient-provider relationship is typically required to bill payors for telehealth services. Identifying the sometimes blurry line between appropriate and inappropriate conduct is critical to ensuring that appropriate care is delivered and to mitigating legal risk.

Employee Moonlighting. Provider organizations should consider evaluating any “moonlighting” activities by their employed or contracted providers. In light of the Coronavirus (COVID-19), many physicians and other providers are seeking additional opportunities to provide care to patients because of the sharp decline in in-person visits. Providers may begin providing telehealth services through other companies or entities during their “off” hours. These providers should ensure that they engage with reputable telehealth companies to avoid getting caught up in the types of alleged telefraud arrangements that were the focus of the Takedown. Provider organizations should understand what their physicians are doing outside of their regular jobs; if a physician is unknowingly participating in a potentially fraudulent telehealth arrangement, that could negatively affect the provider organization’s reputation. Provider organizations that permit their employed and contracted staff to “moonlight” can help mitigate risk by offering education and resources to individual providers to ensure they are aware of the existence of fraudulent telehealth companies and networks that may not have the providers’—or their patients’—best interests in mind.

Coverage and Billing Requirements. Increasing recognition of the value and benefits of telehealth is resulting in the rapid evolution of coverage and billing requirements for telehealth services. While these changes can positively affect a telehealth program’s operations, organizations should carefully review and stay up-to-date on government and commercial payor requirements for telehealth services, as they are not always as broad or liberating as they may first appear. Organizations should ensure that appropriate checks are in place to make certain that they use proper billing and reimbursement codes.

COVID-19 Waivers and Their Eventual Expiration. During the COVID-19 public health emergency, the Centers for Medicare and Medicaid Services (CMS) expanded payment for telehealth under its 1135 waiver authority and permitted providers to use dozens of new billing codes for telehealth services. Telehealth regulations have also been relaxed at the state level, as we previously detailed here and here. This rapid regulatory change has allowed more flexibility for providers and improved access to telehealth services for patients during the COVID-19 pandemic. Despite these changes, legitimate telehealth providers should develop medically appropriate clinical protocols to govern care provided via telehealth, ensure the use of safe and secure technology, and establish operating guidelines to ensure care is provided consistent with all state and federal requirements. In addition, the COVID-19-related emergency declarations that allow for these changes will end, and providers should be prepared to comply with pre-pandemic laws and regulations.

State Licensure. In order to legitimately provide and bill for telehealth services, providers should be licensed to practice their respective profession in the state in which the patient is located at the time of the encounter, unless an exception exists. In response to COVID-19, many states have waived or loosened the licensure requirements.

Key Takeaways
Telehealth providers should:

  • Carefully consider the implications before entering into an arrangement with other parties, including DME companies, laboratories and pharmacies, and contemplate what different parties will provide in connection with the arrangement.
  • Be particularly diligent in the design and compliance oversight of marketing strategies to confirm that patients are reached through appropriate channels, which may not include “cold calls.”
  • Ensure that state-level requirements to establish a legitimate physician-patient relationship are satisfied. This involves evaluating the proposed arrangement under applicable state laws and regulations. Many of these laws and regulations have changed in light of COVID-19.
  • Ensure that the provider’s compliance program appropriately addresses issues brought up by telehealth arrangements, including careful review of marketing materials and compensation and billing arrangements.
  • Carefully evaluate coding and billing practices to ensure such practices are consistent with both government and commercial payor requirements. Again, these requirements have changed considerably because of COVID-19 and likely will continue to evolve.

Please do not hesitate to contact your regular McDermott lawyer or any of the authors of this On the Subject if you have questions or need assistance with structuring and evaluating telehealth arrangements and related compliance practices and issues.

James A. Cannatti III
James A. Cannatti III* practices at the intersection of today's most pertinent health care issues, including digital health, health IT policy, and fraud and abuse, including Anti-Kickback Statute/Stark Law matters. With more than 10 years of experience in the US Department of Health & Human Services’ (HHS) Office of Inspector General (OIG), most recently as Senior Counselor for Health Information Technology, James is well-attuned to the regulatory issues impacting the rapidly evolving digital health landscape. Read James A. Cannatti III's full bio.  *Not admitted to practice in the District of Columbia; admitted only in Ohio. Supervised by principals of the Firm who are members of the District of Columbia Bar.

Marshall E. Jackson, Jr.
Marshall E. Jackson, Jr. focuses his practice on transactional and regulatory counseling for clients in the health care industry, as well as advises clients on the legal, regulatory and compliance aspects of digital health. Marshall provides counseling and advice to hospitals and health systems, private equity firms and their portfolio companies, post/sub-acute providers, physician practices, and other public and private health care companies in a variety of complex transactions and health regulatory compliance matters. Read Marshall Jackson's full bio.

Tony Maida
Tony Maida counsels health care and life sciences clients on government investigations, regulatory compliance and compliance program development. Having served as a government official, Tony has extensive experience in health care fraud and abuse and compliance issues, including the federal and state Anti-Kickback and Stark Laws and Medicare and Medicaid coverage and payment rules. He represents clients in False Claims Act (FCA) qui tam matters, government audits, civil monetary penalty and exclusion investigations, and Centers for Medicare and Medicaid Services (CMS) suspension, and revocation actions, negotiating and implementing corporate integrity agreements, and making government self-disclosures. Read Tony Maida's full bio.

Lisa Mazur
Lisa Mazur advises health care providers and technology companies on a variety of legal, regulatory and compliance matters with a particular focus on digital health topics, including telehealth, telemedicine, mobile health and consumer wellness. Lisa advises a variety of health care providers and technology companies involved in “digital health,” including assisting clients in developing and implementing telemedicine programs by advising on issues related to professional licensure, scope of practice, informed consent, prescribing and reimbursement. Lisa helps clients identify and understand the relevant legal issues, and develop and implement practical, forward-thinking solutions and strategies that meet the complex and still-evolving digital health regulatory landscape.  Read Lisa Mazur's full bio.

Dale C. Van Demark
  Dale C. Van Demark advises clients in the health industry on strategic transactions and the evolution of health care delivery models. He has extensive experience in health system affiliations and joint venture transactions. Dale also provides counseling on the development of technology in health care delivery, with a particular emphasis on telemedicine. Dale has been at the forefront of advising clients with respect to the globalization of the US health care industry. He advises US and non-US enterprises with respect to the formation of cross-border affiliations and international patient programs. In addition to writing regularly on matters related to his practice, Dale has spoken at numerous conferences around the world on the globalization of health care. Read Dale Van Demark's full bio.

Caroline Reigart
Caroline Reigart counsels healthcare clients, including for-profit and nonprofit hospitals, health systems, physician groups and others, in planning healthcare transactions and other business arrangements, with a focus on conducting regulatory due diligence and bond financing diligence review. Read Caroline Reigart's full bio. 




2021 Chambers USA top ranked firm
U.S. News Law Firm of the Year 2022 Health Care Law
U.S. News Law Firm of the Year 2022 Health Care Law